CVE-2018-1751

Description

IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 148512.

CVSS breakdown

CVSS 3.0

Availability

None

Attack Complexity

High

Attack Vector

Network

Confidentiality

High

Integrity

None

Privileges Required

None

Scope

Unchanged

User Interaction

None

Unchanged

Changed

Affected products

ibm / Security Key Lifecycle Manager3.0 – 3.0
ibm / Security Key Lifecycle Manager3.0.0.2 – 3.0.0.2

References

MISChttp://www.ibm.com/support/docview.wss?uid=ibm10791829
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/148512
MISChttp://www.securityfocus.com/bid/106734